WatchGuard Support Center

Knowledge Base - Article

 Web browsing slow or fails with OCSP validation in HTTPS proxy

Products: Firebox & XTM
Operating System: 12.4.x
Operating System: 12.5.x
Issue Status: Resolved
Tracking ID: FBX-16583
Status: Resolved
Resolved In: 12.5.1 Update 1
If you enable OCSP validation in the TLS profile selected for an HTTPS proxy action that does not have Content Inspection enabled, users will experience slow connections to HTTPS web addresses, or connections that fail completely.

This issue occurs when the OCSP responder takes longer than expected.
This issue does not occur if OCSP validation is disabled. To learn more, see Configure TLS Profiles.